Brent Cook
f4befda59b
inherit the options from the default target so we can autocomplete before the rhost resolution occurs
2017-02-17 15:50:45 -06:00
Brent Cook
da82f0891e
Land #7860, Add OverrideScheme option to reverse_http/s handler
2017-02-17 11:12:49 -06:00
Craig Smith
1214ef5b79
Replaced tabs with spaces and removed trailing spaces at EOL
2017-02-15 16:46:11 -08:00
Craig Smith
8f1856c5d1
Fixed a bug with DTC decoding.
...
DTC Codes now print the English error messages next to their code with getvinfo
Frozen DTCs can also be fetched via get_frozen_dtcs()
2017-02-15 16:26:23 -08:00
wchen-r7
f600fa1caa
Be aware of logout
2017-02-14 17:03:57 -06:00
wchen-r7
81abbfba46
Resolve #7959, Automatically login to RPC service after expiration
...
When the RPC client token expires, it will automatically login
again, and renew the token during the next RPC request.
Resolves #7959
2017-02-14 16:41:08 -06:00
Brent Cook
c1d08b9574
rename udp_sock to udp_socket to avoid mixin collisions
2017-02-12 22:31:56 -06:00
wchen-r7
4b5bc84f5c
Land #7918, Fix report_vuln for aux/scanner checks
2017-02-09 12:18:33 -06:00
Tim
095831e029
fix silly typo
2017-02-08 23:41:15 +08:00
William Vu
b06895b604
Hide RPORT more intelligently
2017-02-08 09:40:42 -06:00
Tim
870621d169
Add OverrideScheme option, fixes #7841
2017-02-08 23:30:29 +08:00
William Vu
31f93de150
Update HttpClient and WordPress mixins
2017-02-06 04:40:26 -06:00
William Vu
ba80e1d9e5
Fix report_vuln for aux/scanner checks
...
Msf::Auxiliary::Scanner#setup sets it to nil in instance.check_simple.
2017-02-06 01:20:18 -06:00
Josh Hale
02afc3af96
Add lines for no IPv4/IPv6 routes
2017-02-05 17:38:30 -06:00
Pearce Barry
cab19dc63c
Land #7904, Fix a bug where PHP tags were in the wrong place
2017-02-05 11:43:24 -06:00
Josh Hale
79b92ccdc7
Fix for Route Print IPv6 Error
2017-02-04 16:21:55 -06:00
Brent Cook
64e475a4ee
Land #7892, Enhance the creds command to allow creating logins
2017-02-03 11:53:46 -06:00
James Lee
3c7f78167a
Push up the preamble and modernize style
2017-02-02 17:57:03 -06:00
James Lee
c9560b5aa8
Add error_reporting to preamble
2017-02-02 17:48:28 -06:00
Pearce Barry
23c2787d57
Land #7795, Hardware Bridge API.
...
Initial bridge API that supports the HW rest protocol.
2017-02-02 08:47:59 -06:00
Pearce Barry
16de745437
Minor code cleanups/corrections.
2017-02-01 16:12:45 -06:00
OJ
72c641fcab
Land #7889 - use a better check for whether rhosts exists
2017-01-31 07:49:14 +10:00
darkbushido
e5d8a64770
adding the ability to create logins
2017-01-30 10:43:27 -06:00
Brent Cook
76529278b8
make sure we can actually invoke auto targeting before adding it
2017-01-30 05:24:57 -06:00
Brent Cook
7d32166c70
use a better check for whether rhosts exists
2017-01-29 19:18:23 -06:00
OJ
d8511d1ad5
Add exception when SESSION doesn't exist
2017-01-30 10:26:23 +10:00
William Vu
b44e7ff733
Fix argument passing for deprecated scripts
...
This allows the scripts to continue working while warning the user.
See also: c59b5eaa2f.
2017-01-29 14:14:55 -06:00
darkbushido
39d702ebd9
changing the syntax to work with ruby 2.1
...
Fixes #7881
2017-01-27 11:20:26 -06:00
William Vu
c59b5eaa2f
Fix #7823, legacy_script_to_post_module fixes
2017-01-26 16:26:00 -06:00
Craig Smith
87701ff758
Added more error handling to bail out more gracefully when things go wrong. Could
...
be more common with bluetooth connections.
2017-01-25 18:23:57 -08:00
Craig Smith
2ff4e6f57e
Fixed defaults for elm327 relay.
...
Array2Hex in the automotive extension now supports passing an array or integers or string hexes
Added some extra error handling for UDS calls to non-supported pids
2017-01-25 11:30:29 -08:00
Pearce Barry
9b16cdf602
Land #7845, Fix Msf::Exploit::EXE shellcode/template mismatch
2017-01-22 16:09:41 -06:00
Brent Cook
414977125f
Merge remote-tracking branch 'upstream/master' into land-7847-
2017-01-22 14:11:40 -06:00
Brent Cook
ac2ceca5e3
Land #7804, Switch the creds command to use named options
2017-01-22 10:49:19 -06:00
Brent Cook
6a2d036ea8
depend on regular rb-readline, bugs fixed upstream
2017-01-22 10:20:05 -06:00
Brent Cook
99047fa8a1
be stricter in what we accept for payload uri
...
datastore needs to contain something to produce a valid URI
2017-01-22 10:20:04 -06:00
Brent Cook
836da6177f
Cipher::Cipher is deprecated
2017-01-22 10:20:03 -06:00
Brent Cook
f69b4a330e
handle Ruby 2.4 Fixnum/Bignum -> Integer deprecations
2017-01-22 10:20:03 -06:00
William Vu
a7fac41172
Make shell_command_token time out again
2017-01-20 23:09:22 -06:00
William Vu
84513fd83c
Add exception for HttpClient
...
Since it uses Rex::Proto::Http, which then uses Rex::Socket::Tcp.
2017-01-20 20:00:27 -06:00
William Vu
89b2f087fc
Add TCP/UDP hint to RPORT
...
Caveat: works with mixins only (tenuously).
2017-01-20 19:50:40 -06:00
Tim
64e7f13067
improve error detection
2017-01-19 16:40:35 +07:00
Tim
c1e30b632b
fix #7725, inject into the Activity constructor
2017-01-19 16:24:26 +07:00
Tim
f8f764aefc
fix #7617, invalid register when hooking smali code
2017-01-19 14:52:30 +07:00
William Vu
d8da7c6d43
Fix Msf::Exploit::EXE shellcode/template mismatch
...
Initialize EXE options unless code is supplied with platform/arch.
2017-01-19 00:07:35 -06:00
Brent Cook
b94eefe724
Land #7771, Add history deduplication
2017-01-18 21:06:42 -06:00
William Vu
ef487f6be5
Remove history clearing
2017-01-18 14:55:12 -06:00
David Maloney
d564f5d60a
don't add auto targets to things without rhost
...
Things like browser exploits don't have remote host options
which is what auto targeting relies on, so it does not make sense
to include the auto-targeting in these exploits
7837
2017-01-17 11:40:07 -06:00
William Vu
77c78fa5f4
Move Rex::Text::Table workspace output to -v
2017-01-15 23:15:14 -06:00
William Vu
38382bb61a
Convert workspace command to Rex::Text::Table
...
Still can't get over how it's called "loots." :D
2017-01-15 03:26:35 -06:00
William Vu
b86c1f0465
Land #7823, legacy_script_to_post_module check
2017-01-13 17:37:41 -06:00
James Lee
3c0ce8eafb
Fix some rubocop complaints
2017-01-13 17:24:23 -06:00
William Vu
0800a4f816
Update RPC functionality
2017-01-12 19:35:42 -06:00
William Vu
601a88dad7
Update cmd_unload in CommandDispatcher
2017-01-12 19:29:28 -06:00
William Vu
2ad29a2351
Prefer find over each
...
Since we're modifying the load method directly, there should only ever
be one previously loaded instance. Suggestion by @egypt.
2017-01-12 19:28:06 -06:00
Brent Cook
8f6fe87400
fix assignment
2017-01-12 17:16:19 -06:00
William Vu
d58db72cd0
Force unloading of already loaded plugins
2017-01-12 14:18:52 -06:00
Brent Cook
c080d78922
intercept legacy meterpreter script runs and substitute post modules
2017-01-12 14:08:43 -06:00
Brent Cook
b28f600aea
Land #7584, fix apk injection into proguarded apks
2017-01-11 12:45:23 -06:00
David Maloney
38a4c2aa97
fix autotargeting failure
...
the fallback to the original default was failing because
it was assuming rhost was already set, so it would always
go back to the first default target. now the auto_target? method
only returns true if it can pull an auto_target_host
2017-01-10 14:12:28 -06:00
wchen-r7
18347a8de7
Land #7774, Fix pivoting of UDP sockets in scanners
2017-01-10 13:57:28 -06:00
bwatters_r7
b3e8c3376d
Land #7788, Add ability to interact with a manually backgrounded session
2017-01-10 08:55:00 -06:00
darkbushido
3e1cd0c789
adding a check to make sure you only give a single private type
2017-01-09 15:13:36 -06:00
David Maloney
8c395338af
Land #7743, wchen's digest auth nonce fix
...
land sinn3r's pr for fixing the Digest Auth nonce
2017-01-09 14:16:09 -06:00
darkbushido
6bd2e03f37
adding realm tests showed a bug. it's now squashed.
2017-01-09 13:04:34 -06:00
darkbushido
3674b25885
fixing the tests, more need to be added
2017-01-09 13:04:34 -06:00
darkbushido
a3b1f7e360
the commands now work, onto tests
2017-01-09 13:04:34 -06:00
darkbushido
23cbc99341
changing the creds add command to use named params
2017-01-09 13:04:34 -06:00
darkbushido
c179e0358f
origin_type manual requires a user...
2017-01-09 13:04:34 -06:00
darkbushido
ed3b34179b
moving creds to its own dispatcher
2017-01-09 13:04:34 -06:00
William Vu
1a04691201
Fix #2504, edit command fixes I missed 3y ago
...
local_editor was never nil, so there was some dead code.
2017-01-08 03:02:19 -06:00
Craig Smith
5f07bca775
Hardware Bridge API. Initial bridge API that supports the HW rest protocol specified here:
...
http://opengarages.org/hwbridge Supports an automotive extension with UDS calls for module
development.
2017-01-06 19:51:41 -08:00
Adam Cammack
dbdc558f0b
Land #7776, don't log on harmless DB errors
2017-01-06 18:25:13 -06:00
David Maloney
2108913e77
target_host method had a name collision
...
this method appears to have been accidentally overriding another
method causing sessions to never finish being established
2017-01-06 12:44:37 -06:00
William Vu
969df408c7
Land #7786, Microsoft Edge constant for HttpClient
2017-01-05 21:07:57 -06:00
David Maloney
10cfadaf98
add optional output to meterp run_cmd
...
the run_cmd method on meterpreter sessions can now
take an optional output IO to redirect output. This allows
backgrounded sessions to also run commands and still output
to the console
2017-01-05 12:12:20 -06:00
Carter
e85721113a
Add Edge to constants
2017-01-04 22:20:42 -05:00
wchen-r7
180795f209
Fix #7743, nil @cnonce in rex/proto/http/client.rb
...
Fix #7743
2017-01-04 11:50:31 -06:00
David Maloney
31d36d9112
if autotargeting fails fall back
...
fallback to the original first target if auto-targeting fails
2017-01-03 14:38:52 -06:00
David Maloney
5fd531028c
some minor guards and spec fixes
...
some minor conditional guards and spec fixes
2017-01-03 14:38:51 -06:00
David Maloney
2d5158403b
add YARD docs to auto target methods
...
added YARD docs
MS-2325
2017-01-03 14:38:51 -06:00
David Maloney
a61b92aa3e
tweak target selection
...
the target selection actually adjusts the datastore
as if a user selected the target, this prevents
a mismatch between the target and the target index
MS-2325
2017-01-03 14:38:51 -06:00
David Maloney
3d2957dff1
tying it all together
...
insert our autotarget routine into
the main target selection process
MS-2325
2017-01-03 14:38:50 -06:00
David Maloney
44830dfc54
prefer author's target over ours
...
if the module author added an automatic target
we skip our routine, to let the module's own automatic targeting
take over as it will likely be better
MS-2325
2017-01-03 14:38:50 -06:00
David Maloney
1afc57da40
determine most precise filter
...
drop back to our most precise level of filtering
MS-2325
2017-01-03 14:38:50 -06:00
David Maloney
201b65e43d
remaining os filtering
...
now can filter by os name and service pack
need to do final logic to turn that into an actual
target selection
MS-2325
2017-01-03 14:38:50 -06:00
David Maloney
05ac2ee6ed
convert first stage to os_family
...
added the new os-family column to Host
so now we use that as our first stage filter
for targets
MS-2325
2017-01-03 14:38:49 -06:00
David Maloney
95d5c7a778
filtering by os_name
...
targets now filtered by OS name, but a little
more processing may be needed on this part because
it looks like what you'd expect in os_flavor gets jammed
into name instead
MS-2325
2017-01-03 14:38:49 -06:00
David Maloney
4060e63b89
add tests for auto target addition
...
tests to make sure we add auto targets only
in the appropriate conditions
MS-2325
2017-01-03 14:38:49 -06:00
David Maloney
84d5e42e4f
start gearing up for testing
...
start getting auto-targeting test framework in place
so we can have unit tests for this behaviour
MS-2325
2017-01-03 14:38:45 -06:00
David Maloney
769d477e97
if no automatic target defined, add one
...
if an exploit does not have a defined automatic target
then we add one in for our fallback auto-targeting
MS-2325
2017-01-03 13:54:34 -06:00
Brent Cook
3808eebad8
Land #7704, Update jobs output to show TCP listener information
2017-01-02 15:44:49 -06:00
Brent Cook
d9be9f3b2e
Land #7764, add to_handler command to launch a handler from the payload module
2017-01-02 15:40:38 -06:00
Brent Cook
35bb725f19
rubocop fixes for payload dispatcher
2017-01-02 15:39:48 -06:00
Brent Cook
4f0569c6ce
support pivoting with UDP port scanners
...
Use bound UDP sockets for each UDP service/ip that we wish to scan,
managing and closing them locally as they expire, rather than an unbound
socket.
2017-01-02 08:55:27 -06:00
Brent Cook
225aaac8fd
remove logging of expected exceptions in connection_established? method
2017-01-02 08:31:05 -06:00
William Vu
4264521354
Fix broken CVE reference and update links
...
Prefer HTTPS over HTTP, too.
2017-01-01 21:33:59 -06:00
Pedro Ribeiro
956602cbfe
add final wnr2000 sploits
2016-12-31 16:49:05 +00:00
William Vu
fdfa8b8fdb
Remove erroneous newline
2016-12-30 19:09:37 -06:00
William Vu
db90d541fb
Add history deduplication and clearing
2016-12-30 19:02:47 -06:00
William Vu
73d454387c
Fix #7765, additional fixes for history command
...
1. Really fix crash by restoring default behavior
2. Add whitespace padding to command number
3. Refactor logic a bit for clarity
2016-12-30 18:21:24 -06:00
William Vu
3ff74f019d
Fix #7765, history command fixes and improvements
...
1. Fix crash when no arguments are specified
2. Print history index starting at 1 like every shell
3. Fixed wording/phrasing
4. Fixed formatting/whitespace
2016-12-30 17:35:18 -06:00
h00die
2856facdf0
Land #7765, adds the history command to msfconsole
2016-12-30 14:54:32 -05:00
Luis Fontes
e729254b4f
minor tweaks
...
added dots to the end of lines,
checked val for nil before running match
2016-12-30 19:30:01 +00:00
Luis Fontes
f073e78838
replaced hardcoded value variable
2016-12-30 08:49:13 +00:00
William Vu
0321000ea7
Update Http mixin for opts[:ssl]
...
1. Add opts[:ssl]
2. Remove opts[:busybox]
3. Refactor logic
4. Remove resource_uri
2016-12-30 00:56:02 -06:00
William Vu
34d358b8d7
Update CmdStager with new toys
2016-12-30 00:56:02 -06:00
William Vu
58dd59fad5
Add Http mixin for CmdStager
2016-12-30 00:56:02 -06:00
Luis Fontes
e7249742b3
Added the history command
...
Added the "history" command to see a list of commands used before.
```
msf exploit(handler) > history -n 4
2344 set PAYLOAD windows/meterpreter/reverse_tcp
2345 set LHOST 10.0.1.109
2346 exploit
2347 history -n 4
msf exploit(handler) > history -h
Usage: history [options]
Show the command history
OPTIONS:
    -a        Show length commands in history
    -h        Help banner.
    -n <opt>  Show the last n commands
msf exploit(handler) >
```
2016-12-29 17:03:54 +00:00
Luis Fontes
cb0a7986bf
Added to_handler command
...
This commit adds a "to_handler" command to msfconsole when "using" a payload.
After generating a payload from msfconsole, we needed to set multi/handler and the payload with the same param as we used to generate it. That was really boring...
The to_handler command creates the handler and sets the payload and the options set for it.
### Example Output:
```
msf > use payload/windows/meterpreter_reverse_tcp
msf payload(meterpreter_reverse_tcp) > set LHOST 10.0.1.109
LHOST => 10.0.1.109
msf payload(meterpreter_reverse_tcp) > set LPORT 3377
LPORT => 3377
msf payload(meterpreter_reverse_tcp) > show options
Module options (payload/windows/meterpreter_reverse_tcp):

   Name        Current Setting  Required  Description
   ----        ---------------  --------  -----------
   EXITFUNC    process          yes       Exit technique (Accepted: '', seh, thread, process, none)
   EXTENSIONS                   no        Comma-separate list of extensions to load
   EXTINIT                      no        Initialization strings for extensions
   LHOST       10.0.1.109       yes       The listen address
   LPORT       3377             yes       The listen port

msf payload(meterpreter_reverse_tcp) > to_handler
[*] Payload Handler Started as Job 0
[*] Started reverse TCP handler on 10.0.1.109:3377
[*] Starting the payload handler...
msf payload(meterpreter_reverse_tcp) >
```
2016-12-28 20:03:40 +00:00
bwatters_r7
4906b8a85a
LAND #7760, prevent duplicate UUIDs when generating Android HTTP/S payloads
2016-12-28 10:48:36 -06:00
Brent Cook
a4950a1598
add auto-complete info for 'show info'
...
msf > use auxiliary/admin/http/nuuo_nvrmini_reset
msf auxiliary(nuuo_nvrmini_reset) > show
show actions show all show encoders show exploits show missing show options show plugins show targets
show advanced show auxiliary show evasion show info show nops show payloads show post
2016-12-27 15:48:41 -06:00
Brent Cook
e74239b30f
allow reusing the already-generated payload uuid in generate_uri_uuid_mode
2016-12-27 15:37:39 -06:00
William Webb
5702bd6745
Land #7674, Move migration stub generation code into msf
2016-12-22 17:53:00 -06:00
Brent Cook
9e75866188
Land #7738, Add sort by column to services and hosts commands
2016-12-22 01:10:45 -06:00
William Vu
0221d2d904
Land #7735, make assigning payloads fast again!
2016-12-21 00:16:52 -06:00
William Vu
f95136ce67
Prefer && over and
2016-12-21 00:16:33 -06:00
William Vu
574ebd07d7
Update cmd_hosts
2016-12-20 23:32:10 -06:00
h00die
cc293f06fe
Adds some fail safes to cmd_use
2016-12-20 22:08:41 -05:00
William Vu
60d5cefd68
Land #7727, nuke sess from orbit
...
Replace with consolidated sessions command.
2016-12-20 20:35:20 -06:00
William Vu
6e830a886e
Land #7737, print_warning on session_compatible?
2016-12-20 20:11:11 -06:00
OJ
1098bc6d90
Warn user when session not compat instead of failing
...
This commit changes the post mixin so that the session compat check only
shows a warning rather than throwing an exception and stopping the
module from working completely.
This is off the back of the discussion involved with #7736
2016-12-21 11:14:52 +10:00
William Vu
11e3e1f3dd
Handle a couple more edge cases
...
I don't want to go any further down the rabbit hole.
2016-12-20 18:36:22 -06:00
William Vu
41605c533c
Add reference name enforcement to cmd_use
2016-12-20 18:21:24 -06:00
Brent Cook
efb015facc
make assigning payload fast again
...
This streamlines the check for whether the currently-selected payload is
compatible on assignment. Rather than building the entire list of
compatible payloads, and seeing if what the user typed is in it (and
making multiple giant lists on the way), we simply check the module the
user typed directly.
2016-12-20 17:39:09 -06:00
OJ
ee4caba646
Remove `terminal` and tweak `sessions`
...
Hopefully everyone is now happy!
2016-12-20 07:50:07 +10:00
OJ
74040c4ee6
Rename the `sess` command to `terminal`
...
Lots of people have been frustrated by the `sess` command as it mucks
with the autocomplete for `sessions`. This is a fair concern, especially
given that `sess` was intended to be a non-annoying shortcut.
This commit changes the `sess` command so that it is instead called
`terminal`. I couldn't think of a better option that didn't already
clash with another name or meaning. At least `terminal` is something
that doesn't clash, doesn't muck with any existing autocomplete rules,
and is in some way another name for the existing sessions.
Feedback appreciated!
2016-12-19 17:05:04 +10:00
Sonny Gonzalez
2e198ae2a8
Land #7721, better smtp connection error messages
2016-12-18 14:38:13 -06:00
Adam Cammack
62d8cc7b21
Handle some error conditions with SMTP delivery
2016-12-16 16:06:02 -06:00
jinq102030
f29c9a7c45
Merge pull request #7716 from acammack-r7/smtp-deliver-ssl
...
Make SMTP delivery work with a range of server SSL
2016-12-16 08:58:55 -06:00
David Maloney
8b02f422f7
add meterpreter cmd interaction to console
...
add the -C flag to the sessions command to trigger
meterpreter commands on sessions without going
full interactive
2016-12-15 23:17:06 -06:00
Adam Cammack
47df88a5cc
Make SMTP delivery work with a range of server SSL
2016-12-15 16:57:08 -06:00
Brent Cook
fa016de78a
Land #7634, Implement universal HTTP/S handlers for Meterpreter payloads
2016-12-13 18:13:22 -06:00
William Vu
ad7b3dac2d
Account for negative indices
2016-12-12 14:24:24 -06:00
William Vu
b9e9d97479
Add -O (order_by) to services (cmd_services)
2016-12-12 14:24:24 -06:00
OJ
505cc19662
Update reverse_tcp to show TCP listener information
...
Also update the readable text to only output the listener information if
it differs from the payload information.
2016-12-12 15:56:26 +10:00
Adam Cammack
ccba73b324
Add stageless mettle for Linux/zarch
2016-12-09 18:30:52 -06:00
Adam Cammack
7d36d41b20
Add stageless mettle for Linux/ppc64le
2016-12-09 18:27:22 -06:00
Adam Cammack
ee7d5fc0c9
Add stageless mettle for Linux/ppc
2016-12-09 18:25:57 -06:00
Adam Cammack
7aec68c1fe
Add stageless mettle for Linux/mips64
2016-12-09 18:21:52 -06:00
Adam Cammack
b74482aa6e
Add stageless mettle for Linux/armbe
2016-12-09 18:18:22 -06:00
Adam Cammack
12b296ab1a
Add stageless mettle for Linux/aarch64
2016-12-09 18:05:34 -06:00
Brent Cook
50f95f9940
Land #7681, Get ready for stageless mettle
2016-12-09 09:31:47 -06:00
Adam Cammack
eeef8fa6ad
Add new arches to UUIDs
2016-12-08 16:29:43 -06:00
OJ
d0696a09ad
Move migration stub generation into MSF
...
This code adds support for transport-specific migration stubs to be
generated in MSF rather than having them hard-coded in Meterpreter.
2016-12-08 16:01:13 +10:00
David Maloney
74b3a00035
fix payload datastore merge
...
fix the way we merge the payload datastore in so
the options actually take
2016-12-07 14:04:42 -06:00
Adam Cammack
c5641c9681
Factor out mettle configuration
...
Also cleans up some stuff: s/url/uri/ and base-64 encodes UUIDs
2016-12-06 18:28:48 -06:00
David Maloney
606232828f
freeze punk, it's rubocop!
...
rubocop autocorrecting a bunch of stuff *fingers crossed*
2016-12-06 17:17:56 -06:00
David Maloney
dc53057639
more bcook fixes
...
the rebase lost some of these
2016-12-06 17:14:22 -06:00
David Maloney
c8f6ac99a1
reapply bcook's indentation fixes
2016-12-06 16:52:46 -06:00
David Maloney
d3225ce2fb
Merge branch 'master' into feature/handler-command
2016-12-06 16:51:57 -06:00
Brent Cook
f734031804
Land #7655, Refactor/cleanup core command dispatcher
2016-12-06 16:38:42 -06:00
Brent Cook
d091a32be8
whitespace/indentation
2016-12-06 16:37:22 -06:00
Adam Cammack
1ec7474067
Don't embed ELFs in ELF templates
2016-12-06 14:14:40 -06:00
David Maloney
62f0e7b20a
add the handler console command
...
sometimes, as a user, you need to start a handler
but don't want to exit your current console context.
The new handler command allows a user to spin up a handler
in background job without switching contexts
2016-12-06 14:04:39 -06:00
OJ
ffee0ff1b6
Fix payload cache size issue, fix shell/bind payloads
2016-12-06 11:12:02 +10:00
Jeffrey Martin
9ba6797d19
use arch for session_compatible? to support shell sessions
2016-12-05 15:56:28 -06:00
Jeffrey Martin
483228c4ea
use platform for session_compatible? to support shell sessions
2016-12-05 14:14:37 -06:00
David Maloney
f56c7f9a8e
cosmetic touchups
2016-12-05 11:25:56 -06:00
David Maloney
d85f9880ff
fix command dispatcher specs
2016-12-05 11:16:15 -06:00
David Maloney
ab2e88a49e
created modules command dispatcher
...
moved all commands related to navigating around
modules, editing them, and viewing their info into
a new command dispatcher
2016-12-05 10:30:18 -06:00
David Maloney
6557a84784
add resource command dispatcher
...
move resource script related commands into
their own command dispatcher
2016-12-05 09:20:07 -06:00
David Maloney
2008dcb946
create jobs command dispatcher
...
split the jobs related commands into their own
command dispatcher to start cleaning up the 'core'
dispatcher
2016-12-05 09:12:52 -06:00
Brendan
86ec5861f9
Land #7649, update session_compatible? for changes from PR#7507
...
Fixing the ability to find compatible post scripts for sessions
2016-12-02 16:29:08 -06:00
Jeffrey Martin
b218c7690a
cleanup stray comment
2016-12-02 15:25:58 -06:00
Jeffrey Martin
0be166e719
update session_compatible? for changes from PR#7507
2016-12-02 14:55:38 -06:00
darkbushido
889de05af4
removing some commented code
2016-12-02 13:06:22 -06:00
darkbushido
486f8cd2a3
adding arch to search
2016-12-02 13:05:23 -06:00
darkbushido
f6694992ce
changing module search to use the new scopes
2016-12-02 13:05:23 -06:00
Tim
5a2eb29a1b
remove unused generate_small_uri
2016-12-01 18:33:36 +08:00
Tim
4da614532b
fix luri
2016-12-01 18:22:13 +08:00
OJ
72a20ce464
Merge timwr's changes that fix android/reverse_http
2016-12-01 09:59:41 +10:00
David Maloney
2a065cd220
Land #7591, sinn3r's warbird check fix
...
Lands sinn3r's fix to the warbird license verification
check in the payload segment injector
2016-11-30 15:45:04 -06:00
Tim
78480e31e7
remove AutoLoadAndroid
2016-11-30 21:23:14 +08:00
Tim
b494d069f7
fix android/meterpreter/reverse_https
2016-11-30 20:53:09 +08:00
Tim
92751714c1
fix android/meterpreter/reverse_http
2016-11-30 20:12:00 +08:00
OJ
e5db0f4610
Fix unpack causing puid breakage in some cases
2016-11-30 15:51:17 +10:00
OJ
3fad75641d
Final touches to make MSF happy with all refactorings
2016-11-30 11:30:59 +10:00
OJ
834756c337
Rework android structure to function with the multi arch payload
2016-11-29 17:55:31 +10:00
OJ
bdfaaf01b2
Make multi work with https
2016-11-29 15:51:38 +10:00
OJ
bd8f8fd6cb
More rework of payload structure to handle multi arch handlers
2016-11-29 15:21:13 +10:00
OJ
beca63645e
Revamp of java payload structure
2016-11-29 11:54:30 +10:00
OJ
e8d7a074fa
Tweak to stageless handling for python payloads
2016-11-29 07:54:51 +10:00
OJ
5e8a47ac00
Merge upstream/master into universal handler work
2016-11-28 15:26:43 +10:00
OJ
496836fc06
Remove debug junk, rejig order of ops in initializer
2016-11-28 15:25:07 +10:00
OJ
e8158bd200
Add multi platform type, wire into the multi stage
2016-11-28 09:34:09 +10:00
OJ
5fdd5a7326
More progress on http universal staged handler
2016-11-25 13:00:35 +10:00
Jin Qian
9f4784354a
Disconnect after making the HTTP transaction in send_request_cgi
...
Add a disconnect call after cgi is done.
2016-11-23 11:20:10 -06:00
James Lee
b45a36180e
Don't complain when Proxies is an empty string
2016-11-22 09:29:04 -06:00
OJ
c606eabbb9
Merge 'upstream/master' into universal-handlers
2016-11-22 14:06:46 +10:00
wchen-r7
b2cc8e2b95
Fix #7569, Fix warbird check for missing text section
...
Fix #7569
2016-11-21 14:57:01 -06:00
Tim
daae46d37b
Fixes #7552, fix apk injection into proguarded apks
2016-11-21 15:05:59 +08:00
Brent Cook
f313389be4
Merge remote-tracking branch 'upstream/master' into land-7507-uuid-arch
2016-11-20 19:08:56 -06:00
h00die
cd01b07682
Land #7565
...
Lands print_bad and vprint_bad from todb-r7
2016-11-18 13:29:39 -05:00
Tim
66ba2b077b
Land #7567, fix apk injection when template has no permissions
2016-11-17 11:42:54 +00:00
Brian Yip
927e195e28
Generate payload apk from permissionless apk
2016-11-16 00:48:10 -04:00
Tod Beardsley
1deacad2be
Add a print_bad alias for print_error
...
Came up on Twitter, where Justin may have been trolling a little:
https://twitter.com/jstnkndy/status/798671298302017536
We have a `print_good` method, but not a `print_bad`, which seems a
little weird for Ruby -- opposite methods should be intuitive as Justin
is implying.
Anyway, I went with alias_method, thanks to the compelling argument at
https://github.com/bbatsov/ruby-style-guide#alias-method
...since Metasploit is all about the singleton, and didn't want to risk
some unexpected scoping thing.
Also dang, we define the `print_` methods like fifty billion times!
Really should fix that some day.
2016-11-15 19:20:42 -06:00
Brendan
7e4645afb3
Land #7527, Add LURI support to the reverse_http/s stagers
2016-11-15 16:31:20 -06:00
dana-at-cp
c0e839dfd9
Fixes keytool bug in APK inject code
2016-11-11 06:12:47 -08:00
OJ
50c2ed8509
Fix post mixin platform/session check
2016-11-05 02:41:52 +10:00